
Moocs Report: (Topic - Cyber Security)


MOOCS REPORT

(Topic – Cyber Security)

SUBMITTED TO –
Mrs Sonali Gupta
(Asst prof)
Cse Dept

SUBMITTED BY –
Akash Narendra Prasad
Btech Cse
Student id - 200111162
Roll no. 2018124
Sec – M
Class roll – 06
Sem - 4

ACKNOWLEDGMENT

I would like to express my gratitude to the Almighty, the most beneficent and the
most merciful, for the successful completion of the MOOC Seminar. I wish to thank my
parents for their continuing support and encouragement. I also wish to thank them
for providing me with the opportunity to reach this far in my studies. I would like to
thank my class coordinator Ms. Sonali Gupta madam for her patience, support and
encouragement throughout the completion of this Course. Last but not least, I am
greatly indebted to others who directly or indirectly helped me during this course.

Akash Narendra Prasad
Id – 200111162
Sec – M, 4th sem

What is cyber security?

Cyber security is the protection of internet-connected systems such as hardware, software and
data from cyber threats. The practice is used by individuals and enterprises to protect against
unauthorized access to data centers and other computerized systems.

A strong cyber security strategy can provide a good security posture against malicious
attacks designed to access, alter, delete, destroy or extort an organization's or user's systems
and sensitive data. Cyber security is also instrumental in preventing attacks that aim to
disable or disrupt a system's or device's operations.

Why is cyber security important?


With an increasing number of users, devices and programs in the modern enterprise,
combined with the increased deluge of data -- much of which is sensitive or confidential --
the importance of cyber security continues to grow. The growing volume and sophistication
of cyber attackers and attack techniques compound the problem even further.

What are the elements of cyber security and how does it work?

The cyber security field can be broken down into several different sections, the coordination
of which within the organization is crucial to the success of a cyber security program. These
sections include the following:

• Network security
• Disaster recovery/business continuity planning
• Operational security
• Cloud security
• Critical infrastructure security
• Physical security
• End-user education

Maintaining cyber security in a constantly evolving threat landscape is a challenge for all
organizations. Traditional reactive approaches, in which resources were put toward protecting
systems against the biggest known threats, while lesser known threats were undefended, are no
longer a sufficient tactic. To keep up with changing security risks, a more proactive and adaptive
approach is necessary. Several key cyber security advisory organizations offer guidance. For
example, the National Institute of Standards and Technology (NIST) recommends adopting
continuous monitoring and real-time assessments as part of a risk assessment framework to
defend against known and unknown threats.

What are the benefits of cyber security?


The benefits of implementing and maintaining cyber security practices include:

• Business protection against cyber attacks and data breaches.
• Protection for data and networks.
• Prevention of unauthorized user access.
• Improved recovery time after a breach.
• Protection for end users and endpoint devices.
• Regulatory compliance.
• Business continuity.
• Improved confidence in the company's reputation and trust for developers, partners,
  customers, stakeholders and employees.

What are the different types of cyber security threats?


The process of keeping up with new technologies, security trends and threat intelligence is a
challenging task. It is necessary in order to protect information and other assets from cyber
threats, which take many forms. Types of cyber threats include:

• Malware is a form of malicious software in which any file or program can be used to
  harm a computer user. This includes worms, viruses, Trojans and spyware.

• Ransomware is another type of malware. It involves an attacker locking the victim's
  computer system files -- typically through encryption -- and demanding a payment to
  decrypt and unlock them.

• Social engineering is an attack that relies on human interaction to trick users into
  breaking security procedures to gain sensitive information that is typically protected.

• Phishing is a form of social engineering where fraudulent email or text messages that
  resemble those from reputable or known sources are sent. Often random attacks, the
  intent of these messages is to steal sensitive data, such as credit card or login
  information.

• Spear phishing is a type of phishing attack that has an intended target user, organization
  or business.

• Insider threats are security breaches or losses caused by humans -- for example,
  employees, contractors or customers. Insider threats can be malicious or negligent in
  nature.

• Distributed denial-of-service (DDoS) attacks are those in which multiple systems
  disrupt the traffic of a targeted system, such as a server, website or other network
  resource. By flooding the target with messages, connection requests or packets, the
  attackers can slow the system or crash it, preventing legitimate traffic from using it.

• Advanced persistent threats (APTs) are prolonged targeted attacks in which an
  attacker infiltrates a network and remains undetected for long periods of time with the
  aim to steal data.

• Man-in-the-middle (MitM) attacks are eavesdropping attacks that involve an attacker
  intercepting and relaying messages between two parties who believe they are
  communicating with each other.

Other common attacks include botnets, drive-by-download attacks, exploit kits, malvertising,
vishing, credential stuffing attacks, cross-site scripting (XSS) attacks, SQL injection attacks,
business email compromise (BEC) and zero-day exploits.

What are the top cyber security challenges?


Cyber security is continually challenged by hackers, data loss, privacy, risk management and
changing cyber security strategies. The number of cyber attacks is not expected to decrease in
the near future. Moreover, increased entry points for attacks, such as with the arrival of the
internet of things (IoT), increase the need to secure networks and devices.

One of the most problematic elements of cyber security is the evolving nature of security
risks. As new technologies emerge, and as technology is used in new or different ways, new
attack avenues are developed. Keeping up with these frequent changes and advances in
attacks, as well as updating practices to protect against them, can be challenging. Issues
include ensuring all elements of cyber security are continually updated to protect against
potential vulnerabilities. This can be especially difficult for smaller organizations without the
staff or in-house resources.

Additionally, organizations can gather a lot of potential data on individuals who use one or
more of their services. With more data being collected, the likelihood that a cybercriminal
will want to steal personally identifiable information (PII) is another concern. For example, an
organization that stores PII in the cloud may be subject to a ransomware attack.
Organizations should do what they can to prevent a cloud breach.

Cyber security programs should also address end-user education, as employees may
accidentally bring viruses into the workplace on their laptops or mobile devices. Regular
security awareness training will help employees do their part in keeping their company safe
from cyber threats.

Another challenge to cyber security includes a shortage of qualified cyber security personnel.
As the amount of data collected and used by businesses grows, the need for cyber security
staff to analyze, manage and respond to incidents also increases. (ISC)² estimated the
workplace gap between needed cyber security jobs and security professionals at 3.1 million.

How is automation used in cyber security?


Automation has become an integral component to keep companies protected from the
growing number and sophistication of cyber threats. Using artificial intelligence (AI)
and machine learning in areas with high-volume data streams can help improve cyber
security in three main categories:

• Threat detection. AI platforms can analyze data and recognize known threats, as well as
  predict novel threats.

• Threat response. AI platforms also create and automatically enact security protections.

• Human augmentation. Security pros are often overloaded with alerts and repetitive
  tasks. AI can help eliminate alert fatigue by automatically triaging low-risk alarms and
  automating big data analysis and other repetitive tasks, freeing humans for more
  sophisticated tasks.

Other benefits of automation in cyber security include attack classification, malware
classification, traffic analysis, compliance analysis and more.

Cyber security vendors and tools


Vendors in the cyber security field typically offer a variety of security products and services.
Common security tools and systems include:

• Identity and access management
• Firewalls
• Endpoint protection
• Antimalware
• Intrusion prevention/detection systems (IPS/IDS)
• Data loss prevention
• Endpoint detection and response
• Security information and event management (SIEM)
• Encryption tools
• Vulnerability scanners
• Virtual private networks
• Cloud workload protection platform
• Cloud access security broker

Well-known cyber security vendors include Check Point, Cisco, Code42, CrowdStrike,
FireEye, Fortinet, IBM, Imperva, KnowBe4, McAfee, Microsoft, Palo Alto Networks, Rapid7,
Splunk, Symantec, Trend Micro and Trustwave.

What are the career opportunities in cyber security?


As the cyber threat landscape continues to grow and new threats emerge -- such as IoT threats
-- individuals are needed with cyber security awareness and hardware and software skills.

IT professionals and other computer specialists are needed in security roles, such as:

• Chief information security officer (CISO) is the individual who implements the
  security program across the organization and oversees the IT security department's
  operations.

• Chief security officer (CSO) is the executive responsible for the physical and/or cyber
  security of a company.

• Security engineers protect company assets from threats with a focus on quality control
  within the IT infrastructure.

• Security architects are responsible for planning, analyzing, designing, testing,
  maintaining and supporting an enterprise's critical infrastructure.

• Security analysts have several responsibilities that include planning security measures
  and controls, protecting digital files, and conducting both internal and external security
  audits.

• Penetration testers are ethical hackers who test the security of systems, networks and
  applications, seeking vulnerabilities that could be exploited by malicious actors.

• Threat hunters are threat analysts who aim to uncover vulnerabilities and attacks and
  mitigate them before they compromise a business.

Other cyber security careers include security consultants, data protection officers, cloud
security architects, security operations center (SOC) managers and analysts, security
investigators, cryptographers and security administrators.

Latest cyber threats

What are the latest cyber threats that individuals and organizations need to
guard against? Here are some of the most recent cyber threats that the U.K.,
U.S., and Australian governments have reported on.

Dridex malware

In December 2019, the U.S. Department of Justice (DoJ) charged the leader of an organized
cyber-criminal group for their part in a global Dridex malware attack. This malicious
campaign affected the public, government, infrastructure and business worldwide.

Dridex is a financial trojan with a range of capabilities. Affecting victims since 2014, it
infects computers through phishing emails or existing malware. Capable of stealing
passwords, banking details and personal data which can be used in fraudulent transactions, it
has caused massive financial losses amounting to hundreds of millions.

In response to the Dridex attacks, the U.K.’s National Cyber Security Centre advises the
public to “ensure devices are patched, anti-virus is turned on and up to date and files are
backed up”.

Romance scams

In February 2020, the FBI warned U.S. citizens to be aware of confidence fraud that
cybercriminals commit using dating sites, chat rooms and apps. Perpetrators take advantage
of people seeking new partners, duping victims into giving away personal data.

The FBI reports that romance cyber threats affected 114 victims in New Mexico in 2019,
with financial losses amounting to $1.6 million.

Emotet malware

In late 2019, the Australian Cyber Security Centre warned national
organizations about a widespread global cyber threat from Emotet malware.
Emotet is a sophisticated trojan that can steal data and also load other malware.
Emotet thrives on unsophisticated passwords: a reminder of the importance of
creating a secure password to guard against cyber threats.

End-user protection

End-user protection or endpoint security is a crucial aspect of cyber security.
After all, it is often an individual (the end-user) who accidentally uploads
malware or another form of cyber threat to their desktop, laptop or mobile
device.

So, how do cyber-security measures protect end users and systems? First, cyber-
security relies on cryptographic protocols to encrypt emails, files, and other
critical data. This not only protects information in transit, but also guards
against loss or theft.

In addition, end-user security software scans computers for pieces of malicious
code, quarantines this code, and then removes it from the machine. Security
programs can even detect and remove malicious code hidden in the Master Boot
Record (MBR) and are designed to encrypt or wipe data from a computer’s hard
drive.

Electronic security protocols also focus on real-time malware detection. Many
use heuristic and behavioral analysis to monitor the behavior of a program and
its code to defend against viruses or Trojans that change their shape with each
execution (polymorphic and metamorphic malware). Security programs can
confine potentially malicious programs to a virtual bubble separate from a user's
network to analyze their behavior and learn how to better detect new infections.

Security programs continue to evolve new defenses as cyber-security
professionals identify new threats and new ways to combat them. To make the
most of end-user security software, employees need to be educated about how
to use it. Crucially, keeping it running and updating it frequently ensures that it
can protect users against the latest cyber threats.

Cyber safety tips - protect yourself against cyberattacks

How can businesses and individuals guard against cyber threats? Here are our
top cyber safety tips:

1. Update your software and operating system: This means you benefit from
   the latest security patches.
2. Use anti-virus software: Security solutions like Kaspersky Total Security
   will detect and remove threats. Keep your software updated for the best level
   of protection.
3. Use strong passwords: Ensure your passwords are not easily guessable.
4. Do not open email attachments from unknown senders: These could be
   infected with malware.
5. Do not click on links in emails from unknown senders or unfamiliar
   websites: This is a common way that malware is spread.
6. Avoid using unsecure WiFi networks in public places: Unsecure networks
   leave you vulnerable to man-in-the-middle attacks.

Kaspersky Endpoint Security received three AV-TEST awards for the best
performance, protection, and usability for a corporate endpoint security product
in 2021. In all tests Kaspersky Endpoint Security showed outstanding
performance, protection, and usability for businesses.
